admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2023/0xxx/CVE-2023-0773.json
CVE Team d3ed36854b
"-Synchronized-Data."
2023-09-19 10:00:35 +00:00

160 lines
7.3 KiB
JSON
Raw Blame History

{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-0773",
"ASSIGNER": "vdisclose@cert-in.org.in",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vulnerability exists in Uniview IP Camera due to identification and authentication failure at its web-based management interface. A remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device.\n\nSuccessful exploitation of this vulnerability could allow the attacker to gain complete control of the targeted device.\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287 Improper Authentication",
"cweId": "CWE-287"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Uniview",
"product": {
"product_data": [
{
"product_name": "Uniview IP Camera IPC322LB-SF28-A",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "CIPC-B2303.X.X.XXXXXX",
"version_value": "CIPC-B2303.2.8.230105"
},
{
"version_affected": "<=",
"version_name": "DIPC-B1213.X.X.XXXXXX",
"version_value": "DIPC-B1213.6.5.230215"
},
{
"version_affected": "<=",
"version_name": "DIPC-B1216.X.X.XXXXXX",
"version_value": "DIPC-B1216.5.7.230109"
},
{
"version_affected": "<=",
"version_name": "DIPC-B1221.X.X.XXXXXX",
"version_value": "DIPC-B1221.3.5.221202"
},
{
"version_affected": "<=",
"version_name": "DIPC-B1222.X.X.XXXXXX",
"version_value": "DIPC-B1222.3.8.230223"
},
{
"version_affected": "<=",
"version_name": "DIPC-B1225.X.X.XXXXXX",
"version_value": "DIPC-B1225.3.3.221123"
},
{
"version_affected": "<=",
"version_name": "DIPC-B1226.X.X.XXXXXX",
"version_value": "DIPC-B1226.3.6.230105"
},
{
"version_affected": "<=",
"version_name": "DIPC-B1219.X.X.XXXXXX",
"version_value": "DIPC-B1219.2.67.221019"
},
{
"version_affected": "<=",
"version_name": "DIPC-B1223.X.X.XXXXXX",
"version_value": "DIPC-B1223.3.3.221123"
},
{
"version_affected": "<=",
"version_name": "DIPC-B1228.X.X.XXXXXX",
"version_value": "DIPC-B1228.2.65.230207"
},
{
"version_affected": "<=",
"version_name": "DIPC-B1229.X.X.XXXXXX",
"version_value": "DIPC-B1229.1.67.230104"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2023-0270",
"refsource": "MISC",
"name": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2023-0270"
},
{
"url": "https://global.uniview.com/About_Us/Security/Notice/202309/976482_140493_0.htm",
"refsource": "MISC",
"name": "https://global.uniview.com/About_Us/Security/Notice/202309/976482_140493_0.htm"
}
]
},
"source": {
"discovery": "UNKNOWN"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<a target=\"_blank\" rel=\"nofollow\" href=\"https://global.uniview.com/About_Us/Security/Notice/202309/976482_140493_0.htm\">https://global.uniview.com/About_Us/Security/Notice/202309/976482_140493_0.htm</a>"
}
],
"value": " https://global.uniview.com/About_Us/Security/Notice/202309/976482_140493_0.htm https://global.uniview.com/About_Us/Security/Notice/202309/976482_140493_0.htm "
}
],
"credits": [
{
"lang": "en",
"value": "This vulnerability is reported by Souvik Kandar and Arko Dhar from Redinent Innovations Engineering & Research Team, Karnataka, India."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink